scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-02 11:38:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

http: mask user error away from unseal since its not actionable

Browse Source
This commit is contained in:
Mitchell Hashimoto
2015-03-12 11:26:59 -07:00
parent c2672f2868
commit e3fbe54a04
2 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
http/sys_seal.go
View File

@@ -5,6 +5,7 @@ import (
"errors" "errors"
"net/http" "net/http"
"github.com/hashicorp/errwrap"
"github.com/hashicorp/vault/vault" "github.com/hashicorp/vault/vault"
) )
@@ -55,8 +56,12 @@ func handleSysUnseal(core *vault.Core) http.Handler {
// Attempt the unseal // Attempt the unseal
if _, err := core.Unseal(key); err != nil { if _, err := core.Unseal(key); err != nil {
respondError(w, http.StatusInternalServerError, err) // Ignore ErrInvalidKey because its a user error that we
return // mask away. We just show them the seal status.
if !errwrap.ContainsType(err, new(vault.ErrInvalidKey)) {
respondError(w, http.StatusInternalServerError, err)
return
}
} }
// Return the seal status // Return the seal status

5
http/sys_seal_test.go
View File

@@ -97,16 +97,13 @@ func TestSysUnseal(t *testing.T) {
} }
func TestSysUnseal_badKey(t *testing.T) { func TestSysUnseal_badKey(t *testing.T) {
// TODO: wait on Armon to fix error message from core
t.Skip()
core := testCore(t) core := testCore(t)
testCoreInit(t, core) testCoreInit(t, core)
ln, addr := testServer(t, core) ln, addr := testServer(t, core)
defer ln.Close() defer ln.Close()
resp := testHttpPut(t, addr+"/v1/sys/unseal", map[string]interface{}{ resp := testHttpPut(t, addr+"/v1/sys/unseal", map[string]interface{}{
"key": "foo", "key": "0123",
}) })
var actual map[string]interface{} var actual map[string]interface{}